In computer system operations, the danger of attacks from malicious elements such as viruses has been increasing. The potential cost to system operations can be extremely high if an attack results in halting important operations, destroying data, or releasing sensitive information. For this reason, implementation of sufficient security processes to counter attacks or minimize damage has become essential.
For example, a non-volatile memory may contain the BIOS (basic input-output system) or a subset of the BIOS for a computer system. In a conventional process, a trusted platform module (TPM) or other system may be utilized to validate the sanctity of software images stored in non-volatile memory by performing a single cryptographic hash on the non-volatile memory, thereby creating a core root of trust for measurement (CRTM) for the system.
However, with conventional approaches, an attacker who succeeds in compromising computer system resources may compromise the entire system. The compromised system may not detect or report a security breach. As a result, a computer system may appear to be secure, but while in fact being the victim of a security breach. If the computer system is connected to a network, the system may then potentially spread the security attack through the network.